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DETAILED ACTION 

This action is responsive to the amendment filed January 22, 2004. Claims 1-27 
are pending. 



Claim Rejections - 35 USC § 101 

1. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 22 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 22 teaches a system for mitigating 
against a denial of service attack. Page 1 6, lines 1 1 -1 8 of the specification reads "each 
probing system, could also be implemented in hardware or any combination of 
hardware, firmware, logic and software." The idea that the system can be embodied 
fully in software makes the system, software per se and non-statutory. 



Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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3. Claims 1 , 2, 4-22, and 27 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Chan et al., U.S. Patent No. 6,192,054, further in view of Osterman, 
U.S. Patent Application Publication No. 2005/0108331. 

Chan teaches the invention substantially as claimed including an acceleration of 
data network traffic between two nodes through the elimination of node latency by 
bypassing nodes which are not participating in communication (see abstract). 

As to claiml , Chan teaches an overlay network for maintaining traffic flow 
between a client and a server during a denial of service attack, comprising: a set of 
overlay nodes, coupled between the client and the server, wherein each overlay node 
comprises: 

a ranking module configured to rank the overlay nodes based on a performance 
metric, wherein an overlay node with a higher-ranking indicates that the overlay node 
has better performance for transferring traffic to the server than overlay nodes with 
lower-rankings (col. 1 , line 57 - col. 2, line 14, Chan discloses ranking of nodes on a 
network based on performance); and 

a probing module configured to probe a portion of the overlay nodes during 
probing intervals (col. 4, lines 10-29, col. 13, lines 6-32, Chan discloses probing nodes). 

Chan does not explicitly teach probing higher-ranking nodes more frequently 
than nodes with lower-rankings. 



Application/Control Number: 10/762,391 Page 4 

Art Unit: 2157 

However, Osterman teaches architecture that employs unicast and multicast 
messaging to detect network devices (see abstract). Osterman teaches the use of 
more frequent statusing of higher ranked nodes (paragraph 79). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Chan in view of Osterman to probe higher-ranking nodes more 
frequently than nodes with lower-rankings. One would be motivated to do so because it 
will receive more up to date information on nodes that are better performing. 

Regarding claim 2, Chan teaches the overlay network as recited in claim 1 , 
wherein each overlay node further comprises a path selection module, configured to 
dynamically select an overlay node with a highest-rankings to be included as part of a 
pathway for transferring traffic to the server (col. 13, lines 6-32, Chan discloses the 
highest ranking node dynamically included in the network data path). 

Regarding claim 4, Chan teaches the overlay network as recited in claim 1 , 
further comprising one or more target nodes, configured to transfer the traffic from one 
or more of the overlay nodes directly to the server, the one or more target nodes having 
exclusive knowledge of an identity for the server (col. 7, lines 38-67, Chan discloses 
nodes sending data to a server). 
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Regarding claim 5, Chan teaches the overlay network as recited in claim 1 , 
wherein each overlay node is virtually connected to each other (col. 1, lines 51-56, 
Chan discloses all the nodes connected to one another). 

Regarding claim 6, Chan teaches the overlay network as recited in claim 1 , 
wherein the performance metric includes at least one of: available bandwidth, latency, 
loss rate, and jitter; and wherein an overlay node with a higher-ranking indicates that the 
overlay node has better performance for transferring traffic to the server than overlay 
nodes with lower-rankings, the better performance including at least one of: more 
available bandwidth, less jitter, lower latency, and less packet loss (col. 1, lines 8-14, 
col. 1, line 51 - col. 2, line 14, Chan discloses the higher ranking nodes having lower 
latency). 

Regarding claim 7, Chan teaches the overlay network as recited in claim 1 , 
wherein the ranking module is further configured to determine whether the portion of 
overlay nodes with higher-rankings continue to have better performance for transferring 
traffic to the server than one or more of the overlay nodes with lower-rankings after a 
probing interval (col. 13-15). 

Regarding claim 8, Chan teaches the overlay network as recited in claim 1 , 
wherein the ranking module is configured to demote the rankings of the portion of 
overlay nodes with higher-rankings to lower-rankings if the portion of overlay nodes with 
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higher-rankings have worse performance for transferring traffic to the server than one or 
more of the overlay nodes with lower-rankings after a probing interval (col. 13-15). 

Regarding claim 9, Chan teaches the overlay network as recited in claim 1 , 
wherein the traffic is data (col. 1 , lines 8-14). 

Regarding claim 17, Chan teaches the method as recited in claim 10, further 
comprising determining whether the portion of overlay nodes with higher-rankings 
continue to have better performance for transferring traffic to a target than one or more 
of the overlay nodes with lower-rankings after a probing interval; and promoting the 
rankings of one or more of the overlay nodes with lower-rankings to higher-rankings, if 
the portion of overlay nodes with higher-rankings have worse performance for 
transferring traffic to a target than one or more of the overlay nodes with lower-rankings 
(col. 13-15). 

Claims 1 0-1 6, 1 8-22, and 27 do not teach or define any new limitations above 
claims 1, 2, 4-9, and 17 and therefore are rejected for similar reasons. 

4. Claims 3 and 23-26 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Chan and Osterman further in view of Corrigan et al., U.S. Patent Publication No. 
2004/0148357. 
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Chan teaches the invention substantially as claimed including an acceleration of 
data network traffic between two nodes through the elimination of node latency by 
bypassing nodes which are not participating in communication (see abstract). 
Osterman teaches the invention substantially as claimed including architecture that 
employs unicast and multicast messaging to detect network devices (see abstract). 

As to claim 3, Chan and Osterman teach the method of claim 1 . 

Chan and Osterman do not explicitly teach an access node, configured to 
authenticate traffic directed to the server from the client, and forward authenticated 
traffic to one or more of the overlay nodes. 

However, Corrigan teaches a messaging gateway for use by mobile networks 
(see abstract). Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Chan and Osterman in view of Corrigan to use an access node, 
configured to authenticate traffic directed to the server from the client, and forward 
authenticated traffic to one or more of the overlay nodes. One would be motivated to do 
so because it guarantees confidentiality and integrity of all traffic. 

Regarding claim 23, Chan and Osterman teach an overlay network to mitigate a 
denial of service attack, comprising: target nodes configured to transfer the traffic 
previously authenticated by the access nodes to the server; and overlay nodes, coupled 
between the access nodes and the target nodes, configured to route the traffic from the 
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access nodes to the target nodes by selecting a best end-to-end path between the client 
and the server based in accordance with at least one performance metric (col. 1, line 57 
- col. 2, line 14, col. 4, lines 10-29, col. 13-15). 

Chan and Osterman do not explicitly teach access nodes configured to 
authenticate traffic directed to the server from the client. 

However, Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Chan and Osterman in view of Corrigan to use access nodes 
configured to authenticate traffic directed to the server from the client. One would be 
motivated to do so because it guarantees confidentiality and integrity of all traffic. 

Regarding claim 24, Chan and Osterman teach the overlay network as recited in 
claim 23, wherein each overlay node is configured to dynamically select, a best target 
node for accessing the server and a best path to reach that target node (col. 13-15). 

Regarding claim 25, Chan and Osterman teach the overlay network as recited in 
claim 24, wherein the best path is selected via a best next hop measured in terms of the 
at least one performance metric (col. 13-15). 

Regarding claim 26, Chan and Osterman teach the overlay network as recited in 
claim 23, wherein each overlay node comprises: a ranking module configured to rank 
the overlay nodes based on the performance metric, wherein an overlay node with a 
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higher-ranking indicates that the overlay node has better performance for transferring 
traffic to one of the target nodes than overlay nodes with lower-rankings; and a probing 
module configured to probe a portion of the overlay nodes with higher-rankings more 
frequently than overlay nodes with lower-rankings during probing intervals (col. 1, line 
57 -col. 2, line 14, col. 4, lines 10-29, col. 13-15). 

Response to Arguments 

5. Applicant's arguments with respect to claims 1-27 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Pat. No. 5,539,659 to McKee et al., because it discloses ranking of nodes. 
U.S. Pat. No. 5,802,503 to Sansone, because it discloses nodes that are ranked 
and weighted. 

U.S. Pat. Publication No. 2002/0002686 to Vange et al., because it discloses a 
method and system for overcoming denial of service attacks. 

U.S. Pat. No. 7,185,077 to OToole et al., because it discloses performance 
metrics of a network and an overlay network of nodes. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AVI GOLD whose telephone number is (571)272-4002. 
The examiner can normally be reached on M-F 8:00-5:30 (1st Friday Off). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on 571-272-4001 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Avi Gold 
Patent Examiner 
Art Unit 2157 
AMG 

/Ario Etienne/ 

Supervisory Patent Examiner, Art Unit 2157 



